London Hospitals Were Attacked By Russian Hackers

Uploaded on 2024-07-03 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW, BUSINESS-Services-Health & Welfare

A parliamentary committee issued a clear warning about the risk of a “catastrophic” ransomware attack months before Russian state -protected  hackers, known as Qilin, struck the National Health Service (NHS). 

Leading London hospitals -Guy's and St Thomas' and King's College - have both been affected by the attack on the pathology services provider Synnovis by the Russian cyber criminal group Qilin

Other London hospitals which have been severely impacted by the attack include the Royal Brompton, and Evelina Children’s Hospital. South London and Maudsley NHS Trust, which provides community and mental health services has also been heavily disrupted.

Qilin shared almost 400GB of private information on their darknet site, something they threatened to do in order to extort money from Synnovis. The result is that these hospitals are running at reduced capacity because of delays to processing vital blood, urine and tissue tests.

The NHS is “particularly vulnerable” and Britain is unprepared for the “high risk” of a major cyber hack,  the parliamentary Joint Committee on National Security Strategy (JCNSS) told the Government.

Russian Hacking Groups

While the syndicate od Russian state-protected hackers is though to comprise more than 100 individual groups, is not under the direct control of the Russian Government. However, its members enjoy safe haven in the country and are seen by Moscow as a useful tool of cyber warfare and global disruption.

According the JCNSS,  the NHS was operating with “crumbling IT services and a lack of investment”, including “IT systems that are out of support or have reached the end of their lifecycle”. This put it in a “particularly difficult position to protect itself from cyber-attacks”.

Home Office ministers and officials have prioritised policy over the threat of ransomware as a national security risk and the Home Office leads on the risks of cyber security but responsibility for this should be transferred to the Prime Minister's Cabinet Office. “There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,” the report said. 

In response to the report, the Government said it was making tackling ransomware a priority in an effort to raise the cyber resilience of the UK, and its critical national infrastructure. It pledged further investment and to work with industry and international partners to pursue criminal groups who conduct attacks.

The British Government claims to have spent over £338m on increasing the resilience of NHS systems to protect it from hacks, and in 2023 launched the UK’s Cyber Strategy to set minimum standards of cyber security to help defend critical infrastructure. NHS England said it had set up a helpline to support people impacted by the attack and it will continue to share updates, but "investigations of this type are complex and take time".

The British National Crime Agency (NCA) which leads the UK’s response to cyber crime, was described as being “locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge”. The NCA is also reported to be considering the possibility of taking retaliatory action against Qilin.

DigitalHealth   |     The Record   |    Telegraph   |    inews   |    BBC   |    Guardian   |   Independent   | 

Image: Suraphat Nuea-on

You Might Also Read: 

Russia’s Nation-State Hackers: A Serious Threat To Global Security

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« RCE Vulnerability In OpenSSH Server
Treading A Safe Path - Navigating Hidden Ransomware Risks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

Northwave

Northwave

Northwave offers an Intelligent combination of cyber security services to protect your information.

Elastic

Elastic

Elastic is the world's leading software provider for making structured and unstructured data usable in real time for search, logging, security, and analytics use cases.

Igloo Security

Igloo Security

Igloo Security is a leader and pioneer in SIEM (Security Information & Event Management), PSIM (Physical Security Information Management) and MSS (Managed Security Services).

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

Calian Group

Calian Group

Calian is a diverse Canadian company offering professional services in areas including Advanced Technologies, Health, Learning and IT & Cyber Solutions.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

Port53 Technologies

Port53 Technologies

Port53 Technologies is focused on delivering enterprise-grade, cloud-delivered security solutions that are easy to deploy, simple to manage and extremely effective.

VLATACOM Institute

VLATACOM Institute

Vlatacom Institute is privately owned accredited research and development institute, system integrator and turn-key solution provider. Areas of expertise include encryption and authentication.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.

Northrop Grumman

Northrop Grumman

Northrop Grumman is a global provider and integrator of complex, advanced and rapidly adapting information technology, cybersecurity, mobility and optimized services and solutions.

All About Cookies

All About Cookies

All About Cookies is an informational website that provides tips, advice, and recommendations to help you with Online Privacy, Identity Theft Prevention, Antivirus Protection, and Digital Security.

Cybervergent

Cybervergent

Cybervergent (formerly Infoprive) are a leading cybersecurity technology company in Africa. We provide cybersecurity guidance and solutions that help protect your business.